PATCH&RFC: "persistent state" directory default/config/API

On Fri, Sep 28, 2018 at 11:22:22AM +0100, Joe Orton wrote:
> Example users are the mod_dav_fs lock database, mod_md's MD data store.
> With an API & default, these can have hard-coded default paths so the
> modules work without needing configuration. The proxy cache root could
> count here too.
FWIW, part of the motivation here is being able to have a common
security policy for this kind of data, e.g. for SELinux. When modules
like mod_md/mod_dav want to drop data at $Root/$Random_Name it is
hard/impossible to have SELinux policy which allows modules to work by
default. If we have three categories of data separated into three
directories:
- run-time data: root-writable, temporary, readable by unprivileged children
- log data: root-writable, *append-only* data (open fails w/o O_APPEND)
- state data: unprivileged children have random access read/write
we can have SELinux policy which "just works", without needing custom
policy rules for mod_dav, and for mod_md, etc etc.
Two patches attached:
a) PoC implementation of StateDir/ap_state_dir_relative()
b) patches showing how this can be used in modules/. Note this does
move the hard-coded default MdStoreDir for 2.5.x
I'll commit later in the week if there is no feedback.
Regards, Joe